linux random capabilities ...

hello people,

I was talking to a friend, and he was describing the inability of PC
based security devices to have proper pseudo-random number generation.
This sounded to me like it needed some investigation. My general question
is: has anyone ever heard about any type of cryptographic attack using
flaws in the random number generation? Is there (even theoretically) a possibility
to be able to guess those numbers? I know that some protocols add some
more randomness (like IPsec, using the last ciphered block in the entropy
pool etc.), but I'd like to have a clear idea of how secure those
mechanisms are.

Finally, I read here and there some work on hardware random generation devices
(based on radioactivity readings, or diode-based devices or whatever); is
there anyone with some experience with those?
-> Jean-Francois Dive
--> jef@linuxbe.org